Add .env Variables to React Projects: Easy Guide

Introduction
Step-by-Step Guide
Code Example
Additional Notes
Summary
Conclusion
References

Introduction

In this article, we'll explore how to use .env files to manage environment variables in your React projects, ensuring secure handling of sensitive information and a streamlined development workflow. We'll cover creating .env files, defining variables, accessing them in your application, and best practices for security and collaboration.

Step-by-Step Guide

.env files are a great way to manage environment-specific configurations in your React applications. Here's a breakdown of how to use them:

1. Create Your .env File

At the root of your React project, create a new file named .env.
Important: This file should never be committed to version control (e.g., Git) to avoid exposing sensitive information.

2. Define Environment Variables

Inside your .env file, define variables using the following format:

REACT_APP_API_KEY=your_api_key
REACT_APP_DATABASE_URL=your_database_url

Key Points:
- Variable names should be prefixed with REACT_APP_. This signals to Create React App that these are environment variables your app needs.
- Do not use quotes around the values.

3. Access Variables in Your Application

You can access these variables anywhere in your React code using process.env:

fetch(process.env.REACT_APP_API_URL)
  .then(response => response.json())
  .then(data => console.log(data));

4. Create a .env.example (Recommended)

It's good practice to create a .env.example file alongside your .env file.
This file should contain the same variable names as your .env file but with placeholder values.
This helps other developers understand what environment variables are needed to run your application locally.
```
REACT_APP_API_KEY=your_api_key_here
REACT_APP_DATABASE_URL=your_database_url_here
```

5. Restart Your Development Server

After making changes to your .env file, you need to restart your development server for the changes to take effect.

Important Considerations:

Security: Never store sensitive information like API keys and database passwords directly in your code. .env files offer a more secure way to manage these credentials.
Client-Side Security: Remember that while .env files are not directly bundled into your production build, client-side code is still visible. Avoid storing highly sensitive information that should never be exposed to the client.
Build Systems: If you're not using Create React App, you might need additional tools or configurations to load environment variables during the build process.

By following these steps, you can effectively manage environment-specific configurations in your React projects using .env files.

Code Example

This React code fetches data from an API and displays it in a list. It uses the useEffect hook to fetch data when the component mounts. The code includes error handling and displays a loading message while fetching data. The API URL is stored in an environment variable.

// App.js
import React, { useEffect, useState } from 'react';

function App() {
  const [data, setData] = useState(null);

  useEffect(() => {
    const fetchData = async () => {
      try {
        const response = await fetch(process.env.REACT_APP_API_URL);
        const jsonData = await response.json();
        setData(jsonData);
      } catch (error) {
        console.error('Error fetching data:', error);
      }
    };

    fetchData();
  }, []);

  return (
    <div>
      <h1>My React App</h1>
      {data ? (
        <ul>
          {data.map((item) => (
            <li key={item.id}>{item.name}</li>
          ))}
        </ul>
      ) : (
        <p>Loading data...</p>
      )}
    </div>
  );
}

export default App;

Explanation:

Import useEffect: We use useEffect to fetch data when the component mounts.
Fetch Data: Inside useEffect, we use fetch to make a request to the API URL stored in process.env.REACT_APP_API_URL.
Handle Response: We parse the response as JSON and update the component's state with the fetched data.
Display Data: We conditionally render the data or a "Loading..." message based on whether the data has been fetched.

Remember:

Create a .env file at the root of your project.
Define your API URL in the .env file like this: REACT_APP_API_URL=https://api.example.com/data.
Never commit your .env file to version control.

This example demonstrates a basic implementation. You can adapt it to fetch and display data from any API by updating the API URL and data handling logic.

Additional Notes

Understanding the Mechanics:

No Direct Access on Client: While you access .env values in your React code, remember these values are not directly embedded in the client-side bundle. Create React App (and similar tools) swap them out during the build process.
Build-Time Substitution: Think of it as placeholders being replaced. Your code sees process.env.REACT_APP_API_KEY, but the built application will have the actual value from your .env file.

Beyond Create React App:

dotenv Library: If you're not using Create React App, you'll likely need the dotenv library to load variables from .env. Install it: npm install dotenv
Webpack Configuration: For projects using Webpack directly, you'll need to configure DefinePlugin to expose environment variables.

Security Best Practices:

Layered Security: Don't rely solely on .env files. Implement robust backend security to protect your API keys and sensitive data even if they were to be exposed.
Environment-Specific Files: For different environments (development, production, staging), use separate .env files (e.g., .env.development, .env.production) and load them accordingly.

Common Use Cases:

API Endpoints: Store the base URLs of your APIs to easily switch between development and production environments.
Feature Flags: Control the visibility of features in development without modifying code.
Third-Party Service Keys: Manage keys for services like Google Maps, payment gateways, etc.

Additional Tips:

Clear Naming: Use descriptive variable names to make your .env file self-documenting.
Comments: Add comments to explain the purpose of each variable.
Version Control: Always add .env to your .gitignore (or equivalent) to prevent accidental commits.

By understanding these nuances and best practices, you can leverage .env files effectively and securely in your React projects.

Summary

Feature	Description
Purpose	Manage environment-specific configurations (API keys, database URLs) securely.
File Creation	Create a `.env` file at your project's root. Never commit this file to version control.
Variable Definition	Define variables in `.env` using `REACT_APP_` prefix (e.g., `REACT_APP_API_KEY=your_api_key`). Don't use quotes around values.
Variable Access	Access variables in your code using `process.env.VARIABLE_NAME` (e.g., `process.env.REACT_APP_API_KEY`).
Best Practice: `.env.example`	Create a `.env.example` file with placeholder values to guide other developers.
Server Restart	Restart your development server after modifying `.env` for changes to take effect.
Security	- `.env` enhances security but doesn't completely eliminate client-side risks. - Avoid storing extremely sensitive data that should never be exposed client-side.
Beyond Create React App	Additional tools or configurations might be needed for loading environment variables in build systems other than Create React App.

Conclusion

.env files are a valuable tool for managing environment-specific configurations in React projects. They simplify the process of storing and accessing sensitive data like API keys and database URLs, while keeping this information separate from your codebase. By following the outlined steps and best practices, developers can leverage .env files to enhance both the security and organization of their React applications. Remember to prioritize security by never committing .env files to version control and implementing robust backend security measures. By understanding the mechanics, best practices, and common use cases of .env files, developers can streamline their workflow and build more secure and maintainable React applications.

References

Using .env file environment variables with create-react-app project ... | Using .env file environment variables with create-react-app project - env-file-in-react-create-app.md
env file in React js | In a React.js project, the .env file is typically used to store environment variables. Environment variables are used to configure various…
Adding Custom Environment Variables | Create React App | Note: this feature is available with react-scripts@0.2.3 and higher.
How to Create ENV File in React JS | PrimeInspire | Learn how to create ENV file in React JS. Our step-by-step guide helps you master React configuration effortlessly for project management. Start now!
Can't access environment variables - Support - Netlify Support Forums | I can access my environment variables when running my react app locally on localhost:8000 (using netlify dev) But once i deploy it to Netlify I cannot access them. https://gmwill934.netlify.app/ Is there something I am missing?
Missing .env file in Android Studio · Issue #327 · lugg/react-native ... | This has been working for some time, but suddenly it has stopped and i'm not sure what's going on. We have several build variants: /** * Environment configuration */ project.ext.envConfigFiles = [ ...
How can the service role key be added to the .env file of the react ... | Posted by u/Tonyb0y - 2 votes and 11 comments
react-native-config example does not read variables from .env file or ... | Windows 10 Mobile Device Nexus 6P react-native-cli: 2.0.1 react-native: 0.38.1 SET ENVFILE='.env.prod' && react-native run-android when i run above line on example application its not reading anyth...
How to use Environment files (.env) in React App | What is .env file ? environment or env is a file that holds variables and some sensitive data about your app.